﻿using System;
using System.Data;
using System.Configuration;
using System.Web;
using System.Web.Security;
using System.Web.UI;
using System.Web.UI.WebControls;
using System.Web.UI.WebControls.WebParts;
using System.Web.UI.HtmlControls;
using System.Data.SqlClient;

/// <summary>
/// Validated 的摘要说明
/// </summary>
public class Validated
{
    public Validated()
    {

    }
    /// <summary>
    /// 验证用户是否存在
    /// </summary>
    /// <param name="userName">用户名</param>
    ///  <param name="userPwd">密码</param>
    /// <returns>如果存在,返回true;否则,返回false</returns>
    public static bool validatedUser(string userName, string userPwd)
    {
        bool authenticated = false;

        string connStr = System.Configuration.ConfigurationManager.AppSettings["DBConnectionString"];
        SqlCommand cmd = new SqlCommand();
        cmd.Connection = new SqlConnection(connStr);
        try
        {
            cmd.Connection.Open();
            cmd.Parameters.Add("@userName", SqlDbType.VarChar).Value = userName;
            string pwd = Encrypt.toMD5(userPwd);
            cmd.Parameters.Add("@userPwd", SqlDbType.VarChar).Value = pwd;
            
            cmd.CommandText = "select * from USERS where USERNAME=@userName and PASSWD=@userPwd ";
            SqlDataReader sdr = cmd.ExecuteReader();
            if (sdr.HasRows)
            {
                authenticated = true;
            }
            sdr.Close();
        }
        catch (Exception ex)
        {
            throw (ex);
        }
        finally
        {

            cmd.Connection.Close();
        }

        return authenticated;
    }
}
